FEATURE31 July 2023
Naming the end client: GDPR and data privacy
x Sponsored content on Research Live and in Impact magazine is editorially independent.
Find out more about advertising and sponsorship.
Kaleke Kolawole, policy manager at MRS, explores whether you need to name the client when conducting research, as well as the challenges of doing so.
It is a conundrum, we know. Do you need to name the client when conducting research? What are the challenges of doing so and are there any exemptions?
The MRS Code of Conduct states that ‘members must disclose the identity of clients where there is a legal obligation to do so’, and states that ‘where files of identifiable individuals are used – e.g., client databases – members must ensure that the source of the personal data is revealed at an appropriate point in the data collection’.
There is an obligation to name a commissioning client in three main scenarios:
- Client is the data controller or joint controller
- Client is the source of the personal data
- Client is receiving personal data from a research activity.
Additionally, the identity of the client must be revealed when data collection is undertaken if clients require personal data from a project.
First, what is a data controller?
The data controller determines the purposes for which, and the means by which, personal data is ...
-
Brought to you by:
©2024 The Market Research Society,
15 Northburgh Street, London EC1V 0JR
Tel: +44 (0)20 7490 4911
info@mrs.org.uk -
© Copyright 2024 Research Live
0 Comments